Fourth International Workshop on Secure Software Engineering (SecSE 2010 )

 

2010-02-16 [09:00 - 10:30] : Keynote (Helen D. Karatza)

 

2010-02-16 [11:00 - 12:30] : Agile Development and Hot Patching

Session Chair : Martin Jaatun, SINTEF ICT, Norway



• Supporting Authorization Policy Modification in Agile Development of Web Applications
  Steffen Bartsch


• The road to Hell is paved with good intentions: A story of (in)secure software development
  Richard Sassoon, Martin Gilje Jaatun, Jostein Jensen


• Katana: A Hot Patching Framework for ELF Executables
  Ashwin Ramaswamy, James Oakley, Sean W. Smith, Michael E. Locasto

 

2010-02-16 [14:00 - 15:30] : Testing, monitoring and validation

Session Chair : Martin Jaatun, SINTEF ICT, Norway



• Investigating the limitations of Java annotations for input validation
  Federico Mancini, Dag Hovland, Khalid Mughal


• Classification of Buffer Overflow Vulnerability Monitors
  Hossain Shahriar, Mohammad Zulkernine


• Configuration Fuzzing for Software Vulnerability Detection
  Huning Dai, Christian Murphy, Gail Kaiser

 

2010-02-16 [16:00 - 18:00] : Security modeling and vulnerabilites

Session Chair : Martin Jaatun, SINTEF ICT, Norway



• Practical Experience gained from Modeling Security Goals
  Christian Jung, Frank Elberzhager, Alessandra Bagnato, Fabio Raiteri


• Security modeling and tool support advantages
  Egilv Trygve Baadshaug, Gencer Erdogan, Per Håkon Meland


• Analysing and Visualising Security and Usability in IRIS
  Shamal Faily, Ivan Flechais,


• Security and Performance Aspects of an Agent-Based Link-Layer Vulnerability Discovery Mechanism
  Ziyad Al-Salloum, Stephen Wolthusen